Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=18200250
Two years after chairman Bill Gates sent his now-famous memo that called for Microsoft to develop more trustworthy and secure software, security is still at the top of his priority list.
In his keynote speech at the 2004 RSA Security Conference, Gates told a crowd of roughly 10,000 security professionals Tuesday that information security is the "most important topic" because secure and trustworthy systems are what makes possible everything else computing has to offer society.
Gates also previewed several technologies designed to make computing more secure. He showed for the first time publicly a Windows Security Center that will help users understand and manage their Windows security settings. He also showed improvements to the Windows Firewall, as well as pop-up blocking enhancements that will be built into Windows Explorer.
Gates also previewed behavior-blocking software called Active Protection Technology that will be able to distinguish "good" and "bad" software behavior and potentially stop worm and virus attacks. Active Protection Technology is in an early testing stage, and no release date has been set.
He also outlined a Coordinated Spam Reduction Initiative, which will include technical specs for caller-ID-like functionality to be built into E-mail. The system would work by having E-mail senders publish their outbound E-mail IP addresses; the receiving E-mail system could vet each message against the published list to see that it was actually sent by person it was purportedly sent from.
Also Tuesday, Microsoft and RSA Security disclosed a partnership under which office computers running the latest versions of Windows could get a new degree of protection against intruders.
Instead of merely making users type in passwords to log on to a computer, users of the RSA token system would also enter a random number that appears on their SecureID, a key-chain fob or plastic card they'd carry with them. The number changes every minute, generated by an algorithm that also resides on a server inside a company's computing center.
The agreement would protect Windows-based computers with the token scheme, whether they're portable or attached to a business network. The tokens would work only on PCs running Windows 2000 or Windows XP or on servers running Windows Server 2003.